44 matches found
CVE-2025-14946
A flaw was found in libnbd. A malicious actor could exploit this by convincing libnbd to open a specially crafted Uniform Resource Identifier URI. This vulnerability arises because non-standard hostnames starting with '-o' are incorrectly interpreted as arguments to the Secure Shell SSH process,...
EUVD-2022-50320
Malicious code in bioql PyPI...
EUVD-2024-3121
Malicious code in bioql PyPI...
EUVD-2021-9207
Malicious code in bioql PyPI...
Unspecified Vulnerability in Emby MediaBrowser (CNVD-2025-19601)
Emby MediaBrowser is a media server software from Emby. Emby MediaBrowser contains a security vulnerability that can be exploited by attackers to obtain sensitive information...
Abnormal Network Behavior Detected (Low)
Abnormal network behavior by unexpected assets can indicate reconnaissance of the network by a potential attacker. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...
Abnormal Network Behavior Detected (Medium)
Abnormal network behavior by unexpected assets can indicate reconnaissance of the network by a potential attacker. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...
CVE-2024-28076
The SolarWinds Platform was susceptible to a Arbitrary Open Redirection Vulnerability. A potential attacker can redirect to different domain when using URL parameter with relative entry in the correct format...
CVE-2024-9798
The health endpoint is public so everybody can see a list of all services. It is potentially valuable information for attackers...
CVE-2024-41733
In SAP Commerce, valid user accounts can be identified during the customer registration and login processes. This allows a potential attacker to learn if a given e-mail is used for an account, but does not grant access to any customer data beyond this knowledge. The attacker must already know the...
CVE-2024-41733 Information Disclosure Vulnerability in SAP Commerce
In SAP Commerce, valid user accounts can be identified during the customer registration and login processes. This allows a potential attacker to learn if a given e-mail is used for an account, but does not grant access to any customer data beyond this knowledge. The attacker must already know the...
CVE-2024-41733
Concrete details from connected sources confirm a candidate vulnerability in SAP Commerce: an information-disclosure issue that allows an attacker to determine whether a given email is associated with a valid user account during registration or login. The impact is confined to confidentiality (lo...
CVE-2023-45735
A potential attacker with access to the Westermo Lynx device may be able to execute malicious code that could affect the correct functioning of the device...
CVE-2023-45213
A potential attacker with access to the Westermo Lynx device would be able to execute malicious code that could affect the correct functioning of the device...
Code injection
A potential attacker with access to the Westermo Lynx device would be able to execute malicious code that could affect the correct functioning of the device...
CVE-2023-45213 Westermo Lynx Permissive Cross-domain Policy with Untrusted Domains
A potential attacker with access to the Westermo Lynx device would be able to execute malicious code that could affect the correct functioning of the device...
CVE-2021-3784
Garuda Linux performs an insecure user creation and authentication that allows any user to impersonate the created account. By creating users from the 'Garuda settings manager', an insecure procedure is performed that keeps the created user without an assigned password during some seconds. This...
Authentication flaw
Garuda Linux performs an insecure user creation and authentication that allows any user to impersonate the created account. By creating users from the 'Garuda settings manager', an insecure procedure is performed that keeps the created user without an assigned password during some seconds. This...
CVE-2021-3784 Garuda Linux Improper Authorization
Garuda Linux performs an insecure user creation and authentication that allows any user to impersonate the created account. By creating users from the 'Garuda settings manager', an insecure procedure is performed that keeps the created user without an assigned password during some seconds. This...
CVE-2022-47560
The lack of web request control on ekorCCP and ekorRCI devices allows a potential attacker to create custom requests to execute malicious actions when a user is logged in...